Share this post
What is this article about?
New UK regulations requiring payment firms to refund fraud victims up to £85,000 within five days
Why is it important?
It aims to protect consumers from authorised push payment (APP) fraud but raises concerns about the adequacy of protection for larger fraud cases.
What’s next?
Financial institutions must adopt AI-driven solutions and collaborate closely to proactively combat evolving fraud threats.
As of October 7, all UK payment firms making use of the faster payment system (FPS) are required to refund fraud victims up to £85,000 within five days under new rules set by the Payment Systems Regulator (PSR).
While this marks a significant step toward protecting consumers from authorised push payment (APP) fraud, concerns remain that the reduced compensation cap may leave some victims vulnerable. Further, it is unclear whether the rules address the complexities and evolving fraud tactics. As fraud continues to rise, especially with the emergence of AI-powered scams, is this new regulation enough to tackle the ever-evolving threat of financial fraud?
APP fraud: A growing crisis
APP fraud is increasingly prevalent because scammers exploit trust between victims and entities posing as legitimate service providers, making them difficult to detect. According to the Payment Systems Regulator (PSR), the volume of APP fraud cases rose by 12% last year. This increase was driven by fraudsters leveraging sophisticated techniques, such as fraud networks, phishing scams and AI-generated deepfakes, to trick victims into authorising payments.
One key factor behind this rise was the greater accessibility of technology that fraudsters can use to mimic legitimate businesses or individuals, often using social engineering tactics. As scams become more advanced, even the most cautious consumers are falling victim.
Benefits vs. concerns of the new regulations
The PSR’s new rules are a critical step in addressing this crisis. However, the decision to cap refunds at £85,000—down from an earlier proposal of £415,000—has sparked debate with various concerns. While users can still request refunds for amounts above the cap, this process may be more complex, raising questions about the adequacy of protection for victims of large-scale fraud.
Although this new cap will cover more than 99% of claims, consumer advocacy groups, such as Which?, argue that the lower cap may reduce the financial industry’s incentive to prevent fraud. Furthermore, the reduced compensation could result in banks taking a more lax approach to fraud prevention and leaving victims in the lurch, assuming they will be covered.
Mitigating APP fraud
While refunds provide some level of protection for individuals, they are perceived as a constant burden for financial institutions. Moreover, many businesses lack the adequate technology to combat the growing sophistication of fraud tactics.
In one recent case, a UK businessman and Revolut user lost £165,000 to fraud when scammers bypassed security measures and gained access to his Revolut business account, authorising hundreds of transactions in just an hour. Avoiding common fraud schemes requires vigilance and awareness from individuals, too. They must be cautious with unsolicited payment requests, verify the legitimacy of invoices or purchase requests, and remain mindful of sharing personal or financial information so easily.
Regarding businesses, recent data revealed a 245% year-over-year increase in deepfake fraud cases globally, highlighting the need for more robust fraud prevention measures. The key is to stay one step ahead of fraudsters by adopting AI-driven solutions that can detect anomalies in user behaviour and identify fraud patterns as they emerge. As the financial industry becomes increasingly digital, the threat landscape will continue to evolve. A reactive approach to fraud is no longer sufficient; financial institutions must proactively monitor and defend against emerging threats.
AI is a double-edged sword in fraud prevention. While fraudsters use it to create deepfakes and manipulate unsuspecting victims, financial institutions can also harness AI to combat these threats. The PSR’s new fraud refund rules are undoubtedly a step forward in protecting consumers from APP fraud’s financial and emotional devastation; however, more needs to be done. To effectively mitigate and detect APP fraud, financial institutions should adopt a multi-layered strategy to fight AI with AI.
In addition to screening out seemingly malicious actors during know-your-customer (KYC) and anti-money laundering (AML) checks, banks and payments companies can employ machine learning models for pattern recognition and anomaly detection to identify unusual transaction behaviour post-onboarding, such as large transfers to new payees. Transaction history analysis can help spot deviations from typical behaviour, like sudden payments to foreign accounts or newly added recipients.
Additionally, behavioural biometrics can detect fraud by monitoring user actions like typing speed or mouse movements for signs of coercion. AI-based fraud scoring, geo-location monitoring, and implementing multi-factor authentication (MFA) can further enhance real-time fraud detection and prevention.
Collaboration is key
One of the most promising aspects of the PSR’s new rules is the provision that banks can claim back half of the refunded amount from the financial institution where the fraudster’s account was held. This “game-changing” rule could encourage banks to collaborate more closely to shut down fraudulent accounts quickly and prevent future scams. By incentivising both parties to act swiftly, the financial industry may be able to stem the rising tide of fraud.
However, this alone won’t solve the problem. Collaboration between regulators, financial institutions, and expert fraud prevention companies is essential to create a more secure financial ecosystem. Platforms at the forefront of this effort must be ‘in the room,’ working closely with both policymakers and businesses. Together, they can shape legislation that accurately reflects the threats posed by AI-driven fraud, ensuring that both consumers and businesses are better protected.
Read more Payments Intelligence
Does the National Payments Vision mean a rethink on safeguarding?
The FCA’s safeguarding plans need alignment with the National Payments Vision to ensure strategic, cost-effective, and consumer-focused reforms.
Navigating the rise of AI-enabled fraud
AI-driven fraud is rising, pushing firms to adopt advanced tools, partnerships, and training to stay ahead.
What we can expect from crypto and payment services in 2025
UK crypto regulations will reshape compliance for payment firms, with implementation by 2026.